The Rise of Social Media Data Breaches

Alex McConnell
Alex McConnell
4 Minute read
The Rise of Social Media Data Breaches

Article Contents

    Cybercriminals are always looking for the new weak link and social media is a point of vulnerability for many businesses. As it becomes more common for social media to be used for and by businesses, the opportunity for cybercriminals to use social media in their attacks grows.

    Social media is an essential tool for networking, events, advertising, keeping up with trends and more. However, with the rise of remote working and personal smart devices, social media data breaches are fast becoming a risk of which companies need to be aware.

    What is a data breach?

    Data breaches are the result of a cyber-attack where criminals gain unauthorized access to a computer system or network and steal private, sensitive, or confidential personal and financial information.

    Common cyber-attacks used in data breaches

    Leaked data almost certainly ends up on the dark web, which leads to cybercrime such as password crackingcredential stuffing and phishing.

    Hackers can use social media data breaches to create detailed profiles of potential victims and conduct targeted phishing attacks. Cybercriminals could also use the information to spam emails and phone numbers, or brute-force the passwords of social media profiles and their associated email addresses.

    If enough personally identifiable information (PII) is gathered in a data breach, this can lead to identity fraud and identity theft. These threats are increasingly becoming a concern online, mainly due to the rise in data breaches. Facebook estimates that anywhere from 50 million to 100 million of its monthly active user accounts are fake duplicates. As of late 2020, almost half of all consumers worldwide expect to be hit by a data breach.

    How social media impacts businesses

    Trust is a vital ingredient for social networks to operate successfully. They entice people to overshare confidential information, therefore providing cybercriminals with data that significantly assists them in breaching organizations.

    Cybercriminals primarily target business accounts

    These criminals may target a business’s employees and customers by impersonating the brand in an attempt to steal their credentials. The more visible and engaged with a business is on social media, the greater the possibility that a cybercriminal will attempt to target those users

    Cybercriminals can also use social media to contact potential victims

    They do that to build trust and persuade them to visit a phishing page. Companies can protect their employees with training against phishing and social engineering. Trained employees are less likely to fall for attacks than users with no training.

    How social media is putting your data at risk

    Millions of people spent significant time working from home during Covid-19, using personal devices. As a result, staff have become more vulnerable to malicious attacks from social media.

    Scammers might first try to infiltrate your social network using mutual connections and acquaintances to develop a false sense of security.

    This is an important reminder that we should remain vigilant when engaging with individuals we have not previously interacted with.

    The consequences of engaging with these cybercriminals is damaging the careers of individuals and associated businesses.

    The Centre for the Protection of National Infrastructure (CPNI) has launched a new campaign to help deter further criminal activity. The campaign asks government staff to focus on:

    • Recognizing malicious profiles
    • Realizing the potential threat
    • Reporting suspicious profiles to a security manager
    • Removing the profiles

    LinkedIn data breach: Spies are using LinkedIn to steal secrets from UK nationals

    LinkedIn is the world’s most used professional networking platform. Cybercriminals can conceal themselves as “headhunters” on the network preying on people who are looking for jobs.

    In April 2021, it was reported that attackers used fake social media profiles to engage specifically with people who have “access to classified or sensitive information.”

    According to MI5, at least 10,000 UK nationals have been approached by fake profiles on LinkedIn over the past five years. The LinkedIn attacks are directed at staff in government departments and major businesses.

    LinkedIn has since commented:

    Our teams utilize multiple automated techniques, coupled with human reviews and member reporting, to maintain LinkedIn as a safe and trusted platform.


    Once connected, the attackers try to influence the individuals by offering speaking or business opportunities, before attempting to gain confidential information. LinkedIn users are being advised to take precautionary measures to protect their accounts and data.

    Stop your data from being breached

    Businesses should always look for suspicious activity, while training employees to follow cybersecurity best practices when operating online, including:

    • Using different passwords on every account
    • Monitoring online transactions
    • Using secure websites

    To prevent social media data breaches, businesses need to ensure they protect user information and secure company data.  Efficient training and technology can also help reduce the likelihood of a data breach along with increasing employee awareness and regularly updating policies.

    Talk to our team of cyber-security experts today to discuss our pioneering approach to bot management and how we can help you detect and stop unwanted bot activity.

    Block Bots Effortlessly with Netacea

    Book a demo and see how Netacea autonomously prevents sophisticated automated attacks.

    Related Blogs

    cost of bots blog banner image
    Alex McConnell

    The Financial Burden of Bots on Streaming Services

    Stay one step ahead of automated attacks targeting your streaming service. Learn how to build your business case for advanced bot protection.
    Alex McConnell

    Why Fraud Teams Need Cryptocurrency Investigation Capabilities in 2024

    Discover the importance of cryptocurrency investigations in 2024. Learn why fraud teams need cryptocurrency investigation capabilities.
    SOC 2 banner image
    Alex McConnell

    What is SOC 2 Type 2 and Why is it Important?

    Netacea is SOC 2 Type I compliant across security, availability, confidentiality, and privacy, demonstrating our commitment to keeping customer data safe and secure.

    Block Bots Effortlessly with Netacea

    Demo Netacea and see how our bot protection software autonomously prevents the most sophisticated and dynamic automated attacks across websites, apps and APIs.
    • Agentless, self managing spots up to 33x more threats
    • Automated, trusted defensive AI. Real-time detection and response
    • Invisible to attackers. Operates at the edge, deters persistent threats
    Book a Demo